<?php
/**
 * Created by PhpStorm.
 * User: HarrisHuang
 * Date: 17/5/11
 * Time: 23:10
 */
namespace App\Http\Middleware;

use Closure;

class Cors
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request $request
     * @param  \Closure $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        $origin = isset($_SERVER['HTTP_ORIGIN']) ? $_SERVER['HTTP_ORIGIN'] : '';
        $allow_origin = [
            'http://localhost',
        ];

//        if (in_array($origin, $allow_origin)) {
//            header('Access-Control-Allow-Origin:' . $origin);
//        }
        return $next($request)
            ->header('Access-Control-Allow-Origin', 'http://localhost')
            ->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
            ->header('Access-Control-Allow-Headers', 'Origin, Content-Type, Accept, Authorization, X-Requested-With,jpSign,jpUid,jpAppCountry,jpplatform,jpPlatform')
            ->header('Access-Control-Max-Age', 3600 * 24)
            ->header('Access-Control-Allow-Credentials', 'true');
    }
}
